package com.callbell.cas.handler;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

import com.callbell.cas.util.MD5Util;
import com.callbell.cas.util.ResourceBundleUtil;

/**
 * 自动登录
 * 
 * @author xlh
 *
 */
public class AutoLoginController extends AbstractController {
	
	private CentralAuthenticationService centralAuthenticationService;

	private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;

	@Override
	protected ModelAndView handleRequestInternal(HttpServletRequest request, HttpServletResponse response) throws Exception {
		String userName = ServletRequestUtils.getStringParameter(request, "userName");
		String keySecret = ServletRequestUtils.getStringParameter(request, "keySecret");
		String timeStamp = ServletRequestUtils.getStringParameter(request, "timeStamp");
		String service = ServletRequestUtils.getStringParameter(request, "service");
		String key = ResourceBundleUtil.getProperty("auto.login.key");
		String keySecretNew = MD5Util.encryption(key + "_" + userName + "_" + timeStamp);//加密的新签名
		
		if(keySecret == null || "".equals(keySecret)){
			throw new Exception("签名参数不能为空!");
		}
		if(!keySecret.equalsIgnoreCase(keySecretNew)){
			throw new Exception("两次签名不一致, 不允许登录!");
		}
		
		long currentStamp = System.currentTimeMillis() / 1000;
		long brforeStamp = Long.parseLong(timeStamp);
		long diffStamp = (currentStamp - brforeStamp) / (1000 * 60);
		if(diffStamp > 10){//超过十分钟不允许登录
			throw new Exception("登录超时!");
		}
		
		String password = "0", loginType = "1";
		String viewName = forwardLoginSuccess(request, response, userName, password, loginType, service);
		return new ModelAndView(viewName);
	}
	
	private String forwardLoginSuccess(HttpServletRequest request, HttpServletResponse response, String loginName, String password, String loginType, String service) throws IOException{
		UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
		credentials.setUsername(loginName);
		credentials.setPassword(password);
		credentials.setLoginType(loginType);
		credentials.setOverideLogin("true");
		
		try {
			String ticketGrantingTicket = centralAuthenticationService.createTicketGrantingTicket(credentials);
			ticketGrantingTicketCookieGenerator.addCookie(request, response, ticketGrantingTicket);
		} catch (TicketException e) {
			e.printStackTrace();
		}
		return ("redirect:login" + ((service != null && service.length() > 0) ? "?services=" + service : ""));
//		System.out.print(service);
//		return ("redirect:"+service);
	}
	
	public void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
		this.centralAuthenticationService = centralAuthenticationService;
	}

	public void setTicketGrantingTicketCookieGenerator(
			CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator) {
		this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
	}
}
